Compliance Aware Service Registry and Load Balancing

1. A computer-implemented method, comprising: registering, by a system operatively coupled to a processor, a service determined to be a compliant service in a compliance-aware service registry; evaluating, by the system, the compliant service in the compliance-aware service registry for runtime compliance; and deregistering, by the system, the compliant service from the compliance-aware service registry based on a determination that the compliant service no longer satisfies a defined compliant policy rule during the runtime compliance, wherein the evaluating the compliant service comprises evaluating the compliant service on a per policy basis, and wherein the evaluating the compliant service on the per policy basis increases a compliance capability and routing efficiency of a load balancer ring.

2. The computer-implemented method of claim 1 , wherein the registering the service is based on a challenge-response model comprising: sending, by the system, a register request for the service to a centralized registry service; registering, by the system, the service as the compliant service in the compliance-aware service registry based on a determination that a compliance report received from the centralized registry service is an objective report; and storing, by the system, credentials of the service in the centralized registry service.

3. The computer-implemented method of claim 1 , further comprising: enabling, by the system, the compliant service in the compliance-aware service registry to be discoverable by other services.

4. The computer-implemented method of claim 1 , further comprising: evaluating, by the system, the service for compliance with the defined compliant policy rule after a defined interval after the compliant service is deregistered from the compliance-aware service registry; and reregistering, by the system, the service in the compliance-aware service registry based on the service being in compliance with the defined compliant policy rule after the defined interval.

5. The computer-implemented method of claim 1 , wherein the deregistering the compliant service from the compliance-aware service registry comprises removing the service from the compliance-aware service registry.

6. The computer-implemented method of claim 1 , wherein the deregistering the compliant service from the compliance-aware service registry comprises rendering the service undiscoverable by other services.

7. The computer-implemented method of claim 1 , wherein the service is selected from a group consisting of a container, a virtual machine, and a physical host.

8. The computer-implemented method of claim 1 , wherein the evaluating the compliant service in the compliance-aware service registry for the runtime compliance comprises determining the service conforms to a policy, wherein the policy is selected from a group consisting of a security policy, a vulnerability policy, and a customized policy.

9. A system, comprising: a memory that stores computer executable components; and a processor that executes the computer executable components stored in the memory, wherein the computer executable components comprise: an insertion component that registers a service determined to be a compliant service in a compliance-aware service registry; a verification component that evaluates compliant service in the compliance-aware service registry for runtime compliance; and an extraction component that deregisters the compliant service from the compliance-aware service registry based on a determination that the compliant service no longer satisfies a defined compliant policy rule during the runtime compliance, wherein the verification component determines a compliance state of the service using a balancing algorithm.

10. The system of claim 9 , wherein the verification component determines a compliance state of the service at runtime, and wherein a determination of the compliance state of the service at runtime increases a routing efficiency of a load balancer ring.

11. The system of claim 9 , wherein the verification component performs a first determination and a second determination based on a first policy defined for a first device that requests use of the service.

12. The system of claim 11 , wherein the first policy comprises a quality of service parameter defined for the first device.

13. The system of claim 11 , wherein the verification component performs a third determination and a fourth determination based on a second policy defined for a second device that requests use of the service.

14. The system of claim 13 , wherein the first determination and the second determination are independent of the third determination and the fourth determination.